当
lq.setFirstResult(0);
lq.setMaxResults(16);
查询结果为什么是前10条,而不是1-15条。
lq.setFirstResult(1);
lq.setMaxResults(16);
查询结果确正常为2-17条数据,
lq.setFirstResult(2);
lq.setMaxResults(16);
查询结果确正常为3-17条。
lq.setFirstResult(3);
lq.setMaxResults(16);
查询结果确正常为4-17条条。
当pageSize(每页显示数目小于10时)均正常。
本人不解。。
hibernate oracle分页是3层。
从第一条数据取数据的时候,两层就行。
hibernate生成的sql是两层。但是为什么把16变成了10.
我不清楚hibernate底层是怎么实现的,也不相信底层会把从第一条数据取,第一次取大于10条的数据,
就限制只能取10条。
经过多番测试。终究结果还是首次取1-大于10条的数据 只能查出来10条。
不明白为什么?
源码如下:
*HQL分页查询
db层:
/*
* HQL分页
*/
public List findPage(String hql,int starPage,int pageSize);
*@param hql语句 ,starpage页数, pageSize每页显示条数
*@return ls 查询结果集合
*/
public List findPage(String hql, int starPage, int pageSize) {
List ls=null;
try
{
Query lq=super.getSession().createQuery(hql);
lq.setFirstResult((starPage-1)*pageSize);
lq.setMaxResults(pageSize);
ls=lq.list();
}catch (Exception e) {
// TODO: handle exception
e.printStackTrace();
}finally{
super.getSession().close();
}
return ls;
}
dao层:
/*查询栏目下当前页数的新闻*/
public List<ShNews> findNews(String hql,int startPage,int pageSize);
/**
* 查询栏目下面的新闻列表
* @author gouwei
* @param hql语句,startPage:页数,pageSize:每页条数
* @return list 新闻列表集合
*/
public List<ShNews> findNews(String hql, int startPage, int pageSize) {
List<ShNews> list=gf.findPage(hql, startPage, pageSize);
return list;
}
services层:
/*获取频道文章列表接口*/
public List<ShNews> selectNews(ShNews sh,int startPage,int pageSize);
/**
* 实现servers接口 ,得到频道文章列表信息
* @param HQL查询语句,startPage:页数,overpage:每页条数
* @return list 文章列表集合
*/
public List<ShNews> selectNews(ShNews sh,int startPage,int pageSize ) {
String hql="from ShNews sh where sh.shType.shTypeId="+sh.getShType().getShTypeId()+" and sh.shUser.shUserId="+sh.getShUser().getShUserId()+"";
List<ShNews> list=news.findNews(hql, startPage, pageSize);
return list;
}
action层:
package com.sh.action.news;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionSupport;
import com.sh.bean.ShNews;
import com.sh.bean.ShType;
import com.sh.bean.ShUser;
import com.sh.service.news.NewsService;
public class NewsAction extends ActionSupport {
private NewsService newsService;//得到services
private int typeId;//栏目类型ID
private int starPage=1;//初始化为1,默认从第一页开始显示
private int pageSize=16;//初始化16,每页显示16条数据
private int userId;//用户ID
public int getPageSize() {
return pageSize;
}
public void setPageSize(int pageSize) {
this.pageSize = pageSize;
}
public int getUserId() {
return userId;
}
public void setUserId(int userId) {
this.userId = userId;
}
public NewsService getNewsService() {
return newsService;
}
public void setNewsService(NewsService newsService) {
this.newsService = newsService;
}
public int getTypeId() {
return typeId;
}
public void setTypeId(int typeId) {
this.typeId = typeId;
}
public int getStarPage() {
return starPage;
}
public void setStarPage(int starPage) {
this.starPage = starPage;
}
/**
* 根据栏目类型ID得到该栏目下的所有的文章信息
* @author gouwei
* @return String
*/
public String findNews(){
// System.out.println("starPage:"+starPage);
ShNews sh=new ShNews();
ShType type=new ShType();
type.setShTypeId(typeId);
sh.setShType(type);
ShUser u=new ShUser();
u.setShUserId(userId);
sh.setShUser(u);
List<ShNews> list=newsService.selectNews(sh, starPage, pageSize);//每页16条
System.out.println(list.size());
if(list!=null ){
HttpServletRequest request = ServletActionContext.getRequest ();
request.setAttribute("listNews",list);
}
for(int i=0;i<list.size();i++){
System.out.println(list.get(i).getShNewId());
}
}
return "success";
}
jsp:
[img=C:\Users\gouwei\Desktop][/img]
5 个解决方案
#1
db层把startpage变量跟pageSize变量输出看看,然后把hibernate自动生成的sql贴出来看看
#2
首先我没有看懂这里的意思?表中一共17条数据。
/**
* 实现servers接口 ,得到频道文章列表信息
* @param HQL查询语句,startPage:页数,overpage:每页条数
* @return list 文章列表集合
*/
public List<ShNews> selectNews(ShNews sh,int startPage,int pageSize ) {
String hql="from ShNews sh where sh.shType.shTypeId="+sh.getShType().getShTypeId()+" and sh.shUser.shUserId="+sh.getShUser().getShUserId()+"";
List<ShNews> list= news.findNews(hql, startPage, pageSize);
上面应该是个变量吧???我怎么没有看见声明呢?还有就是你不害怕注入式攻击??还用拼接字符串。。。还有就是你都不用判断就开始分页了??
/**
* 实现servers接口 ,得到频道文章列表信息
* @param HQL查询语句,startPage:页数,overpage:每页条数
* @return list 文章列表集合
*/
public List<ShNews> selectNews(ShNews sh,int startPage,int pageSize ) {
String hql="from ShNews sh where sh.shType.shTypeId="+sh.getShType().getShTypeId()+" and sh.shUser.shUserId="+sh.getShUser().getShUserId()+"";
List<ShNews> list= news.findNews(hql, startPage, pageSize);
上面应该是个变量吧???我怎么没有看见声明呢?还有就是你不害怕注入式攻击??还用拼接字符串。。。还有就是你都不用判断就开始分页了??
#3
今天早上起床,打开项目一看。正常了。
不明白为什么?
昨晚上重启很多次,也把wepapps下和work下的项目都删除。。重启部署。
project--clear也清理了项目。
然后启动,,还是只能显示10条。
早上没有做任何修改显示了16条。为何!?
------
昨晚:
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso...(list.size())=10
---------------------------
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso..(list.size())=16
不明白为什么?
昨晚上重启很多次,也把wepapps下和work下的项目都删除。。重启部署。
project--clear也清理了项目。
然后启动,,还是只能显示10条。
早上没有做任何修改显示了16条。为何!?
------
昨晚:
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso...(list.size())=10
---------------------------
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso..(list.size())=16
#4
变量声明了的。没有贴出来。
注入式攻击是什么意思??
还没有判断就,直接赋值就出现了这个问题,,
#5
SQL注入是最基本的攻击手段之一,sql不能这么拼接,最好用占位符,设置参数的方法,不要拼接SQL。
具体请google。
#1
db层把startpage变量跟pageSize变量输出看看,然后把hibernate自动生成的sql贴出来看看
#2
首先我没有看懂这里的意思?表中一共17条数据。
/**
* 实现servers接口 ,得到频道文章列表信息
* @param HQL查询语句,startPage:页数,overpage:每页条数
* @return list 文章列表集合
*/
public List<ShNews> selectNews(ShNews sh,int startPage,int pageSize ) {
String hql="from ShNews sh where sh.shType.shTypeId="+sh.getShType().getShTypeId()+" and sh.shUser.shUserId="+sh.getShUser().getShUserId()+"";
List<ShNews> list= news.findNews(hql, startPage, pageSize);
上面应该是个变量吧???我怎么没有看见声明呢?还有就是你不害怕注入式攻击??还用拼接字符串。。。还有就是你都不用判断就开始分页了??
/**
* 实现servers接口 ,得到频道文章列表信息
* @param HQL查询语句,startPage:页数,overpage:每页条数
* @return list 文章列表集合
*/
public List<ShNews> selectNews(ShNews sh,int startPage,int pageSize ) {
String hql="from ShNews sh where sh.shType.shTypeId="+sh.getShType().getShTypeId()+" and sh.shUser.shUserId="+sh.getShUser().getShUserId()+"";
List<ShNews> list= news.findNews(hql, startPage, pageSize);
上面应该是个变量吧???我怎么没有看见声明呢?还有就是你不害怕注入式攻击??还用拼接字符串。。。还有就是你都不用判断就开始分页了??
#3
今天早上起床,打开项目一看。正常了。
不明白为什么?
昨晚上重启很多次,也把wepapps下和work下的项目都删除。。重启部署。
project--clear也清理了项目。
然后启动,,还是只能显示10条。
早上没有做任何修改显示了16条。为何!?
------
昨晚:
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso...(list.size())=10
---------------------------
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso..(list.size())=16
不明白为什么?
昨晚上重启很多次,也把wepapps下和work下的项目都删除。。重启部署。
project--clear也清理了项目。
然后启动,,还是只能显示10条。
早上没有做任何修改显示了16条。为何!?
------
昨晚:
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso...(list.size())=10
---------------------------
Hibernate:
select
*
from
( select
shnews0_.SH_NEW_ID as SH1_2_,
shnews0_.SH_USER_ID as SH2_2_,
shnews0_.SH_TYPE_ID as SH3_2_,
shnews0_.SH_ROLE_ID as SH4_2_,
shnews0_.SH_NEW_TITLE as SH5_2_,
shnews0_.SH_NEW_CONTENT as SH6_2_,
shnews0_.SH_NEW_TIME as SH7_2_,
shnews0_.SH_END_TIME as SH8_2_,
shnews0_.SH_NEW_STATUS as SH9_2_,
shnews0_.SH_NEW_URL as SH10_2_,
shnews0_.SH_NEW_BACKID as SH11_2_,
shnews0_.SH_USER_NAME as SH12_2_,
shnews0_.SH_NEW_TYPE as SH13_2_
from
CENETWORK.SH_NEWS shnews0_
where
shnews0_.SH_TYPE_ID=7
and shnews0_.SH_USER_ID=402 )
where
rownum <= ?
syso..(starPage+","+pageSize)=1,16
syso..(list.size())=16
#4
变量声明了的。没有贴出来。
注入式攻击是什么意思??
还没有判断就,直接赋值就出现了这个问题,,
#5
SQL注入是最基本的攻击手段之一,sql不能这么拼接,最好用占位符,设置参数的方法,不要拼接SQL。
具体请google。